Hello @Rich Roy , apologies for the delayed response here.
When you select the WAF tier in portal and enable the firewall option This enables firewall for your App Gateway but there additional settings and custom policies you can set to take full advantage of this feature.
When you enable the WAF tier from your portal and WAF settings are visible and can be changed from within the Application Gateway view, your WAF is in state 1. Please refer to this document for additional details regarding the states.
The recommended method is to Migrate to a WAF policy as it provides you with additional features like WAF policy settings, managed rulesets, exclusions, and disabled rule-groups. Essentially, all the WAF configurations that were previously done inside the Application Gateway are now done through the WAF Policy.
After doing a random search on internet I found this Youtube video(7:20) which you can refer for how to set-up this WAF policy.
Please let me know if you have any additional concerns. Thank you!
----------
Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community.